CVE-2026-9381: Buffer Overflow in Edimax BR-6675nD
CVE-2026-9381 is a high-severity buffer overflow vulnerability in the Edimax BR-6675nD router version 1. 12. The flaw exists in the formPPPoESetup function handling the POST request /goform/formPPPoESetup, where manipulation of the pppUserName argument can cause a buffer overflow. This vulnerability can be exploited remotely without user interaction and requires low privileges. The exploit code is publicly available, but no vendor response or patch has been provided as of the publication date.
AI Analysis
Technical Summary
This vulnerability affects Edimax BR-6675nD firmware version 1.12 in the POST Request Handler component, specifically the formPPPoESetup function. By sending a specially crafted POST request with a manipulated pppUserName parameter, an attacker can trigger a buffer overflow condition. The vulnerability is remotely exploitable without user interaction and requires low privileges, making it a significant risk. The vendor has not issued any advisory or patch, and the exploit is publicly known.
Potential Impact
Successful exploitation of this buffer overflow could allow an attacker to execute arbitrary code on the affected device remotely, potentially leading to full device compromise. Given the high CVSS score (8.7) and the availability of public exploit code, this vulnerability poses a serious risk to affected devices. No known exploits in the wild have been reported yet.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the vendor has not responded or provided a patch, users should consider mitigating exposure by disabling remote management features if possible, restricting network access to the device, or replacing the device with a non-vulnerable model until an official fix is available.
CVE-2026-9381: Buffer Overflow in Edimax BR-6675nD
Description
CVE-2026-9381 is a high-severity buffer overflow vulnerability in the Edimax BR-6675nD router version 1. 12. The flaw exists in the formPPPoESetup function handling the POST request /goform/formPPPoESetup, where manipulation of the pppUserName argument can cause a buffer overflow. This vulnerability can be exploited remotely without user interaction and requires low privileges. The exploit code is publicly available, but no vendor response or patch has been provided as of the publication date.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability affects Edimax BR-6675nD firmware version 1.12 in the POST Request Handler component, specifically the formPPPoESetup function. By sending a specially crafted POST request with a manipulated pppUserName parameter, an attacker can trigger a buffer overflow condition. The vulnerability is remotely exploitable without user interaction and requires low privileges, making it a significant risk. The vendor has not issued any advisory or patch, and the exploit is publicly known.
Potential Impact
Successful exploitation of this buffer overflow could allow an attacker to execute arbitrary code on the affected device remotely, potentially leading to full device compromise. Given the high CVSS score (8.7) and the availability of public exploit code, this vulnerability poses a serious risk to affected devices. No known exploits in the wild have been reported yet.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the vendor has not responded or provided a patch, users should consider mitigating exposure by disabling remote management features if possible, restricting network access to the device, or replacing the device with a non-vulnerable model until an official fix is available.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-05-23T14:59:11.274Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a12f32d09f6977edb61a974
Added to database: 5/24/2026, 12:46:37 PM
Last enriched: 5/24/2026, 1:01:34 PM
Last updated: 5/24/2026, 1:52:47 PM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.